Memes as public policy messaging

Huge investment opportunity don’t miss out. Just joking (we do not touch ICOs): the US Securities Exchange Commission (SEC) have launched their own ICO, the HoweyCoin. The SEC set up a website, HoweyCoins.com, that mimics a bogus coin offering to educate investors about what to look for before they invest in a scam. Anyone who clicks on “Buy Coins Now” will be led instead to investor education tools and tips from the SEC and other financial regulators. We liked the Coin Center‘s response: “Memes are the future of public policy messaging”. You may find the bogus ICO launch website here and the SEC press release here.

Videogames – what’s in the box?

The battle continues. After stirring controversy and regulatory attention worldwide, EA recently withdrew “lootboxes” from its video game Star Wars: Battlefront 2. What are lootboxes anyway and why they may be unlicensed gambling activity? In-game sales of digital content are lucrative (Candy Crush Soda made $120m last year) and, generally, not controversial. But “lootboxes” work like sealed packs of collectible cards: the user buys a box for a few dollars without knowing its exact digital content (additional “lives” etc). If lucky, the box will contain valuable items that she can trade in the game or, crucially, in marketplaces outside the game (yes, they do exist) for fiat currency. Many players do not bother but “whales” may spent thousands compulsively or in pursuit of profits. The powerful psychology behind “unboxing” is for another discussion. What got the attention of regulators is their elements of chance and payoff. Unsurprisingly given their game revenues, US/UK regulators initially responded that lootboxes are not gambling. But Belgium/Netherlands announced last week investigations into whether games (such as FIFA 18) engage in unlicensed gambling. This could be, ahem, game-changing and result in a general EU ban. Let’s see what’s in the box for them!

London Business School lecture

Enjoyed guest lecturing on financial and legal innovation at my alma mater London Business School this morning at the kind invitation of Profs Narayan Naik and Gary Dushnitsky. We discussed “tokenomics”, data-driven contracts and the digital scarcity achieved with CryptoKitties and other “non-fungible” tokens (more serious than it sounds!). Thanks also to Antony Jenkins (ex-CEO of Barclays Group and now CEO of 10xbanking) for his valuable insights and, in particular, his view of commercial banking as a “data service” susceptible to software disruption.

Cambridge Analytica

To paraphrase: Cambridge Analytica were only doing their job. And, strictly speaking, Facebook did not suffer from a data breach. Who to blame then? The FB login tool. When users log-in apps using FB account (rather than new credentials), the apps access their profile data and, until 2015, those of their friends. This is how a “standard” app called “thisisyourdigitallife” used FB login to create accounts with users opting to share personal profile data. Some doubt this is technically a “data breach” citing the lack of the intrusion-element; the leak being the result of “contacts harvesting” rather than of an external active hack by a malicious actor. Well, does it matter anyway? As Ido Kilovaty argues: “There should be no material difference if the personal information was obtained through a breach or through manipulating and exploiting FB’s data ecosystem. The result is the same – user personal information in unauthorized hands”. The GDPR notion of data breach as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to, personal data transmitted, stored, or otherwise processed” seems inconclusive and hardly calms the nerves. Our Carlo Marmo will be sharing his tech and regulatory recommendations shortly.

UX design and neurological manipulation

The US Senate asked Zuckerberg whether he “hires consultants to tell [him] how to tap into dopamine feedback loops to keep people addicted.” He denied and confirmed that he did not know of any social media companies in the room that do. But would it be unlawful if they did? We have been researching whether there any specific laws prohibiting user experience design from engaging in emotional and neurological manipulation. We could not find any. We suspect that these effects are indistinguishable from the general premise of UX design and, as a result, would not be unlawful; for example, they would probably not amount to unlawful trade practices for which the US Fair Trading Commission had pressed charges against FB. In his book Hooked, (Stanford Prof and behavioral design expert) Nir Eyal promotes addictive UX design and explains how “through consecutive hook cycles, successful products reach their ultimate goal of unprompted user engagement, bringing users back repeatedly without costly advertising or aggressive messaging.” The unlikely hero in this book is the 29yo designer of the viral “Flappy Bird” game who after a few days of huge popularity and profit said that he could not take any more how addictive his game was and shut it down.

Central Bank Digital Currencies

We are delighted to have been appointed advisors to AtCash on regulatory matters. AtCash (US, UAE) consults on and develops decentralised ledger technology (DLT) and digital (fiat) currencies for central banks and financial institutions in Middle East, Asia and Africa. We believe in the potential of these technologies to expedite settlement and reduce reconciliation costs in wholesale and retail banking and, importantly, to “include” populations currently underserved by commercial banks. An informative paper by the Bank for International Settlements on digital (fiat) currencies can be found: here.

Amazon vs OpenBazaar

Just a thought. Would Souq.com (the leading Middle Eastern online marketplace) become obsolete if its blockchain peer OpenBazaar eventually delivered on its promises many years from today? Probably yes. We find the economic premise of blockchain ecosystems to be this: replace (centralized) firms with (decentralised) marketplaces. Historically, the former are needed to enable market participants to overcome the inefficiencies of traditional marketplaces (logistics, payments etc). What if market participants can now transact directly using code as a means of trust? What if this code is open-sourced and enhanced by a crowd of developers? And what if the market participants have a stake (token) in that ecosystem? Well, the rent extracted by the firm would return to the marketplace. OpenBazaardoes exactly that and charges zero fees. Transactions are built as “Ricardian contracts”; each step of a trade is cryptographically signed with escrow payment arrangements; payment is released upon multi-signatures by the transacting parties and reputable moderators who are remunerated to resolve disputes. Put simply, the market no longer needs the firm as long as it can appropriate its IT department. Brilliant.

ICO scam in US/UAE

AriseBank (Dubai, UAE and Texas, US) Update: The US Securities and Exchange Commission (SEC) obtained a court order freezing the funds (claimed to be $600m!) raised during the AriseBank ICO. AriseBank purported to be the “world’s first decentralised bank” with operations in Dubai, UAE and Texas, US. If anyone has transferred funds to them and wants to know more about these recent developments in the US, feel free to get in touch. The full SEC complaint is: here.

Ahead of our launch

Ahead of our official launch in March, we will be presenting in a series of posts what keeps us busy here at Curiositas. We have had a promising start to the year working on “smart contract” (software) prototypes that seek to address “painpoints” in the formation and execution of commercial contracts. Examples include (a) the transfer of assets and settlement of funds with irrevocable software instructions; and (b) the automation of claims-handling in “parametric” insurance contracts. Our team works on both the tech development and legal enforceability of such contracts and we plan to deploy the first of them by the end of the year. Get in touch if you want to discuss our portfolio of use cases or explore your own projects – we are available to share resources, invest or enter into joint ventures in pursuit of exciting ideas. Or get in touch if you just want to waste some time creating debt instruments with your “crypto-kitties” as collateral. We do that too.

Lynx Festival of Creativity

Curiositas and friend James Welch (digital marketing expert, Digital Orchestra) are discussing economics of online attention, tokenisation of network effects, reward of users for online behavior and tracking content use at the Data_Innovation_Tech Stage of Dubai Lynx International Festival of Creativity on Monday 12 March. Ahead of the discussion, we have set up an Earn.com webpage to answer relevant questions (https://lnkd.in/f6KxH_k). Earn.com is a promising (decentralised) alternative to (centralised) Linkedin Mail. Instead of Linkedin extracting a rent to facilitate the correspondence between the sender and recipient of a message, the recipient is paid by the sender to read and respond to her message. This decentralised application (dApp) is free to use and several users opt to donate their proceeds to charity. We donate ours to the great people at think tank Coin Center.

GDPR and extraterritorial effect

Our Ilaria Di Nepi is conducting extensive research on privacy and data protection regulations across jurisdictions in Europe and the Middle East. Ilaria has been looking, in particular, into (a) the extra-territorial effect of the forthcoming EU General Data Protection Regulation (GDPR) on UAE entities and (b) the recent developments in the Abu Dhabi Global Market (ADGM) following the establishment of the ADGM Office of Data Protection last December. ADGM recently modernized its data protection regulations with updated key definitions and imposed pressing timelines for data breach notification. What are “sensitive personal data” under the new regulations? How are affected businesses expected to review internal processes to avoid fines up to USD25k? Will the forthcoming EU GDPR inspire new amendments from ADGM? We will be reporting on these new developments as they happen. Until then, get in touch if you want to have a detailed discussion.